Soapbox (S Series) Who, what, where, why, how Rome Soapbox, Jan 2013 Jens Jensen, Chief Soapbox Officer.


1 Soapbox (S Series) Who, what, where, why, how Rome Soapbox, Jan 2013 Jens Jensen, Chief Soapbox Officer

2 Jens Jensen, STFC/RAL Jens Jensen, STFC RAL Wherefore art thou PMA? TLA –PKI, GSI – Δguidance (eg cannot follow RFC5280) Processes: joining, staying, leaving The W&F

3 Questions How do we measure progress? –How do projects measure progress? –Publications –KPIs –Milestones, targets –Deliverables and reports –Meetings are not progress

4 Has the PMA made visible progress? How? Number of (new) countries joining –Increasing, slightly –… Progress or more complexity? Number of EEs –Increasing? Or holding steady? Or decreasing? –Which is better? Work enabled by EEs –Hard to measure?

5 How has the PMA made (visible) progress? SHA2 – technologies –Transition – not quite painful but not easy CAOPS, IGTF RPs’ uptake of IGTF New features – from the users’ perspective From the RP’s perspective – make it better! From the IGTF’s perspective – more CAs?

6 Maintenance of minreqs What drives changes to the minreq? –And if so, what changes, and how? Middleware? –Support for *-fed, Shib User communities –Support for multi-LoA Cryptographic pressure –MD5, SHA1, key sizes

7 Maintenance of bestpracs “Innovation” from individual members Pressure from participating projects/RPs OGF – GFD.125 and revisions Profiles have different drivers –Users – ease of use vs security –Hosts – scale and dynamicity –Robots – technology and control (authorisation) –Other

8 Monitoring of bestpracs Monitoring sites (outside PMA) –CRL checking…(sadly, braindamaged) –IGTF release version Monitoring sites (inside PMA) –CRL “expiry” of published CRLs –Certificate expiry of trust anchors

9 Have PMAs regressed? Tickbox checking –Necessary, but considered sufficient AP interpretations: consistency Processes for changing guidance –Not always evidence based –Silence based –Hard to do anyway due to long lead time Hard to say how to improve…?

10 Observations All the steps are simple(ish) –Keygen, keylock, User → RA, RA → CA, issuance, delivery How do we manage to get a process which is more complex than the sum of its parts? –Users’ perception of complexity (poor tools) –Still a complex process –PMAs as Maximegalon institute?

11 The goal of the PMA? (Zagreb Soapbox) 1. Technology 2. Quality (goodness) 3. Paradigms shifting 4. Processes 5. Understanding 6. Decisions 7. Publications

12 How are they measured? 1. Technology – milestones, fps 2. Quality (goodness) – areté 3. Paradigms shifting – glacially, if at all 4. Processes – necessary but not exciting 5. Understanding – possibly a good use of PMA? 6. Decisions – process flawed but smtg needed 7. Publications – int’l (eg blogs), OGF, ext’l

13 The Paradox of Perpetual Perturbation “Those with insight don’t have time” “Those with time don’t have insight” Work only gets done in (before) meetings –Deadlines focus the mind

14 Quotes “People make more mistakes than machines” -- Milan (Zagreb) People have warmer and fuzzier feelings than machines -- Jens (Ljubljana)

15 Quotes "Errors really aren't all that serious and you should be allowed to, like, chill man and just groove with the heavy consequences, dude." --Damian Conway in Exegesis 4 (page 3) [very much taken out of context]

16 Data Protection Adequate and Relevant –RPs essentially decide what is A&R New data protection directive –The right to be forgotten – cannot maintain records –Extending the range of personal data (eg logs) –Dubious – informed consent isn’t

17 Recommendations How we know whether we are making progress –(Hint – it is not the number of meetings) Do we need to become more visible? Are we still needed in a world of feds? Need revision of minreq/bestprac for DPD (Probably) need more PoC innovations?

18 Important Goals Scalability of parameters –Number of CAs, number of certs, number of clients Dynamicity of distribution –Be more dynamic and not less Trusted –Remain at high trust –Consider introducing LoA

19 In Memoriam Mr X

